CVE-2023-1108
CVSS v3.1
7.5 (High)
EPSS
0.15 % (52th)
Affected Products
17
Advisories
1
NVD Status
Modified
A flaw was found in undertow. This issue makes achieving a denial of service possible due to an unexpected handshake status updated in SslConduit, where the loop never terminates.
Weaknesses
- CWE-835
- Loop with Unreachable Exit Condition ('Infinite Loop')
- CVE Status
- PUBLISHED
- NVD Status
- Modified
- CNA
- Red Hat, Inc.
- Published Date
-
2023-09-14 15:15:08
(12 months ago) - Updated Date
-
2024-05-03 16:15:10
(4 months ago)
Affected Products
- Build Of Quarkus
- Decision Manager
- Fuse
- Integration Camel K
- Integration Service Registry
- Jboss Enterprise Application Platform
- Jboss Enterprise Application Platform Expansion Pack
- Openshift Application Runtimes
- Openshift Container Platform
- Openshift Container Platform For Linuxone
- Openshift Container Platform For Power
- Openstack Platform
- Process Automation
- Single Sign-on
- Undertow
- Enterprise Linux
Loading...
Loading...
Configuration #1
|
Configuration #2
AND |
|
---|
Configuration #3
AND |
|
---|
Configuration #4
AND |
|
---|
Configuration #5
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...